Abstract
Avoiding attacks on civilian targets during cyberwarfare is more difficult than it seems. We discuss ways in which an ostensibly military cyberattack could accidentally hit a civilian target. Civilian targets are easier to attack than military targets, and an adversary may be tempted to be careless in targeting. Dual-use targets are common in cyberspace since militaries frequently exploit civilian cyber infrastructure such as networks and common software, and hitting that infrastructure necessarily hurts civilians. Civilians can be necessary intermediate objectives to get to an adversary’s military, since direct Internet connections between militaries can be easily blocked. Cyberwarfare methods are unreliable, so cyberattacks tend to use many different methods simultaneously, increasing the risk of civilian spillover. Military cyberattacks are often seen by civilian authorities, then quickly analyzed and reported to the public; this enables criminals to quickly exploit the attack methods to harm civilians. Many attacks use automatic propagation methods which have difficulty distinguishing civilians. Finally, many cyberattacks spoof civilians, encouraging counterattacks on civilians; that is close to perfidy, which is outlawed by the laws of armed conflict. We discuss several additional problems, including the public’s underestimated dependence on digital technology, their unpreparedness for cyberwarfare, and the indirect lethal effects of cyberattacks. We conclude with proposed principles for ethical conduct of cyberwarfare to minimize unnecessary harm to civilians, and suggest designating cyberspace “safe havens”, enforcing reparations, and emphasizing cyber coercion rather than cyberwarfare.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Al-Qasem, I., S. Al-Qasem, and A. Al-Hammouri, 2013. Leveraging online social networks for a real-time malware alerting system. In: Proceedings of the 38th IEEE conference on local computer networks, Sydney, AU, October, 272–275.
Angwin, J. 2014. Dragnet nation: A quest for privacy, security, and freedom in a world of relentless surveillance. New York: Times Books.
Anonymous. 2012, July. The collateral damage of Internet censorship by DNS injection. ACM SIGCOMM Computer Communications Review, 42(3):22–27.
Brenner, S., and L. Clarke. 2011. Civilians in cyberwarfare: Casualties. http://works.bepress.com/susan_brenner/3. Accessed 1 Nov 2011.
Burnham, G., R. Lafta, S. Doocy, and L. Roberts. 2006, October 11. Mortality after the 2003 invasion of Iraq: A cross-sectional cluster sample. The Lancet, 368(9545):1421–1428.
Clarke, R., and R. Knake. 2010. Cyber war: The next threat to national security and what to do about it. New York: HarperCollins.
Dinniss, H. 2012. Cyber warfare and the laws of war. Cambridge: Cambridge University Press.
Elisan, C. 2012. Malware, rootkits, and botnets: A beginner’s guide. New York: McGraw-Hill Osborne.
Flemming, D., and N. Rowe. 2015. Cyber coercion: Cyber operations short of cyberwar. In: Proceedings of the 10th international conference on cyber warfare and security, Skukuza, South Africa, March.
Geers, K., D. Kindlund, N. Moran, and Rachwald. 2013. World War C: Understanding nation-state motives behind today’s advanced cyber attacks. http://www.FireEye.com. Accessed 7 Apr 2013.
Geiss, R., and H. Lahmann. 2012, November. Cyber warfare: Applying the principle of distinction in an interconnected space. Israel Law Review 45(3):381–399.
Gross, M. 2012. A declaration of cyber-war. Vanity Fair, April 2011. Retrieved May 12, 2012, from www.vanityfair.com/culture/features/2011/04/stuxnet-201104.
Hagopian, A., A. Flaxman, T. Takaro, E. Shatari, A. Sahar, J. Rajaratnam, S. Becker, A. Levin-Rector, L. Galway, H. Al-Yasseri, J. Berq, W. Weiss, C. Murray, G. Burnham, and E. Mills. 2013, October 15. Mortality in Iraq associated with the 2003–2011 war and occupation: Findings from a national cluster sample survey by the University Collaborative Iraq Mortality Study. PLoS Medicine 10(10). http://www.plosmedicine.org/article/info%3Adoi%2F10.1371%2Fjournal.pmed.1001533. Accessed 9 Nov 2013.
Hashim, S., A. Ramli, F. Hashim, K. Samsudin, R. Abdulla, R. Azmir, L. Barakat, A. Osamah, I. Ahmed, and M. Al_Habshi. 2013, September. Scarecrow: Scalable malware reporting, detection, and analysis. Journal of Convergence Information Technology 8(14): 9–19.
International Committee of the Red Cross (ICRC). 2015. Treaties and customary law. http://www.icrc.org/en/war-and-law/treaties-customary-law. Accessed 11 Jan 2015.
Kaplan, D. 2011, October 18. New malware appears carrying Stuxnet code. SC Magazine. http://www.scmagazine.com/new-malware-appears-carrying-stuxnet-code/article/214707. Accessed 1 Aug 2012.
Kaurin, P. 2007. When less is more: expanding the combatant/noncombatant distinction. In Rethinking the just war tradition, ed. M. Brough., J. Lango and H. van der Linden, Chapter 6. New York: SUNY Press.
Kimmel, P., and C. Stout (eds.). 2006. Collateral damage: The psychological consequences of America’s war on terrorism. Westport: Praeger.
Kinsella, H. 2011. The image before the weapon: a critical history of the distinction between combatant and civilian. Ithaca: Cornell University Press.
Pearce, M., S. Zeadally, and R. Hunt. 2013, February. Virtualization: Issues, security threats, and solutions. ACM Computing Surveys 45(2):17.
Raymond, D., G. Conti, T. Cross, and R. Fanelli. 2013. A control measure framework to limit collateral damage and propagation of cyber weapons. In: Proceedings of fifth international conference on cyber conflict, Tallinn, Estonia.
Rowe, N. 2013. Cyber perfidy. In The Routledge handbook of war and ethics, ed. F. Allhoff, N. Evans and A. Henschke, Chapter 29, 394–404. New York: Routledge.
Rowe, N. 2015. Distinctive ethical challenges of cyberweapons. In The research handbook on cyber security, ed. N. Tsagourias and R. Buchan, Chapter 14, 307–325. Cheltenham: Edward Elgar Publishing.
Shakarian, P., J. Shakarian, and A. Ruef. 2013. Introduction to cyber-warfare: A multidisciplinary approach. Amsterdam: Syngress.
Slay, J., and M. Miller. 2008. Lessons learned from the Maroochy water breach. In: Critical infrastructure protection, ed. E. Goetz and S. Shenoi, Chapter 6. New York: Springer.
Smith, T. 2002. The new law of war: Legitimizing hi-tech and infrastructural violence. International Studies Quarterly 46: 355–374.
TechRepublic. 2005. Flaw finders go their own way. http://www.techrepublic.com/forum/discussions/9-167221, dated January 26, 2005. Accessed 1 Aug 2012.
USCCU (United States Cyber Consequences Unit). 2009, August. Overview by the US-CCU of the cyber campaign against Georgia in August of 2008. US-CCU special report. http://www.usccu.org. Accessed 2 Nov 2009.
von Heinegg, W. 2012. Neutrality in cyberspace. In: Proceedings of the 4th international conference on cyber conflict, Tallinn, Estonia.
War Legacies Project. 2010. Agent orange record. http://www.agentorangerecord.com. Accessed 2 Mar 2015.
Acknowledgements
The views expressed are those of the author and do not represent the U.S. Government. This work was supported by the U.S. National Science Foundation under the Secure and Trustworthy Cyberspace program.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Rowe, N.C. (2017). Challenges of Civilian Distinction in Cyberwarfare. In: Taddeo, M., Glorioso, L. (eds) Ethics and Policies for Cyber Operations. Philosophical Studies Series, vol 124. Springer, Cham. https://doi.org/10.1007/978-3-319-45300-2_3
Download citation
DOI: https://doi.org/10.1007/978-3-319-45300-2_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-45299-9
Online ISBN: 978-3-319-45300-2
eBook Packages: Religion and PhilosophyPhilosophy and Religion (R0)